Merge pull request #5 from Cox-Automotive/develop

Develop
Cox-Automotive · Mar 11, 2019 · c63229a · c63229a
2 parents d9946d1 + ac750d4
commit c63229a
Showing 1 changed file with 50 additions and 10 deletions.
diff --git a/lib/alks-api.js b/lib/alks-api.js
@@ -9,12 +9,12 @@ var exports = module.exports = {};
 
 // process.env.NODE_TLS_REJECT_UNAUTHORIZED = 0; // for testing self-signed endpoints
 
-var ALKS_DURATIONS  = [ 2, 6, 12, 18 ], // reducing due to EB not honoring long sessions: , 24, 36 ],
-    AWS_SIGNIN_URL  = 'https://signin.aws.amazon.com/federation',
-    AWS_CONSOLE_URL = 'https://console.aws.amazon.com/',
-    SANITIZE_FIELDS = [ 'password', 'refreshToken', 'accessToken', 'accessKey', 'secretKey', 'sessionToken' ],
-    DEFAULT_UA      = 'alks-node',
-    STATUS_SUCCESS  = 'success';
+var ALKS_MAX_DURATION = 18, // reducing due to EB not honoring long sessions: , 24, 36 ],
+    AWS_SIGNIN_URL    = 'https://signin.aws.amazon.com/federation',
+    AWS_CONSOLE_URL   = 'https://console.aws.amazon.com/',
+    SANITIZE_FIELDS   = [ 'password', 'refreshToken', 'accessToken', 'accessKey', 'secretKey', 'sessionToken' ],
+    DEFAULT_UA        = 'alks-node',
+    STATUS_SUCCESS    = 'success';
 
 var getMessageFromBadResponse = function(results){
     if(results.body){
@@ -68,8 +68,43 @@ var injectAuth = function(payload, headers, auth, options, callback){
     }
 };
 
-exports.getDurations = function(){
-    return ALKS_DURATIONS;
+exports.getDurations = function(account, auth, opts, callback){
+    if (arguments.length == 0) return [1]; // for legacy support
+
+    var headers = { 'User-Agent': options.ua };
+    var options = _.extend({
+        debug: false,
+        ua:    DEFAULT_UA
+    }, opts);
+    var accountId = account.alksAccount.substring(0,12);
+    var endpoint = account.server + '/loginRoles/id/' + accountId + '/' + account.alksRole;
+
+    injectAuth(null, headers, auth, options, function(err){
+        if(err) return callback(err);
+
+        log('api:getDurations', 'getting max key duration: ' + endpoint, options);
+
+        request({
+            url: endpoint,
+            method: 'GET',
+            headers: headers
+        }, function(err, results) {
+            if(err){
+                return callback(err);
+            }
+            else if(results.statusCode !== 200){
+                return callback(new Error(getMessageFromBadResponse(results)));
+            }
+            else if(results.body.statusMessage.toLowerCase() !== STATUS_SUCCESS){
+                return callback(new Error(results.body.statusMessage));
+            }
+
+            var maxKeyDuration = Math.min(ALKS_MAX_DURATION, results.body.loginRole.maxKeyDuration);
+            var durations = [];
+            for(var i=1; i<=maxKeyDuration; i++) durations.push(i);
+            callback(null, durations);
+        });
+    });
 };
 
 exports.createKey = function(account, auth, duration, opts, callback){
@@ -121,9 +156,14 @@ exports.createKey = function(account, auth, duration, opts, callback){
     });
 };
 
-exports.createIamKey = function(account, auth, opts, callback){
+exports.createIamKey = function(account, auth, duration, opts, callback){
+    if(arguments.length < 5){ // for legacy calls to createIamKey
+        callback = opts;
+        opts = duration;
+        duration = 1;
+    }
     var payload = _.extend({
-        sessionTime: 1,
+        sessionTime: duration,
         account: account.alksAccount,
         role: account.alksRole
     }, account),